Decoupling security and machine lifecycle

A cloaking device for trusted machines

The number of cyberattacks against industries is increasing very fast. The complexity of production networks is growing, and with complexity comes a higher level of vulnerability. Moreover, most machines currently in use are not designed to meet today's security requirements: their operating systems are often outdated or simply do not receive the necessary security patches.

Security-by-design comes with a built-in expiration date

Even security-by-design for new industrial machines is unlikely to provide lasting protection against cyberattacks. Given the pace at which the sophistication of cyberattacks grows, attacks will overcome the security levels of security-by-design machines long before those machines reach the end of their lifecycle in 20 years or more. G+D’s approach to overcoming this weakness is to decouple the security lifecycle from the machine lifecycle. The machine is protected without the need to change or update the system.

The security challenge

Current status of cyber protection for industrial machines

Typically no security updates and/or patches for industrial PCs

No 3rd-level protection similar to antivirus software or a software firewall on industrial PCs because of undesired side effects on the system, such as blue screens or warranty loss. In addition, security lifecycle and update frequency are too short for the security needs of manufacturing.

Even an operating system that is 10 or more years old and appears robust, but has not been patched, is vulnerable to cyberattacks.

With the progress of digitization, more and more machines are becoming visible to the internet. Visible details can include machine type and the version of the operating system. But if you are visible, you are vulnerable.

Industry networks are becoming more complex. Complexity creates loopholes that may be easy to exploit. Attacks tend to start at the weakest point of a network or system.

Security-by-design (SBD) rules for manufacturing PCs are unusual. In addition, SBD rules for industrial PCs are often insufficient or lack standardization.

The effectiveness of security measures and tools is limited by time. Retrofitting is difficult and the security lifecycle remains short.

Active cyber protection for industrial systems and environments

Simplified view of Active Cyber Protection by G+D

The security suite, Active Cyber Protection, shields systems and environments from cyberattacks. It makes devices invisible to the outside, without impacting machines, medical devices, systems, or processes on the inside.

Recommendations for enhanced security in manufacturing environments

+ Security-by-design for new and upcoming machines
+ Decouple security and machine lifecycles
+ Use an IT security appliance via an external device (microsegmentation). This is a level-3 defense.
+ Use device-specific behavior monitoring (passive), e.g. anomaly detection. This is a level-4 defense.

The 5 modules of Active Cyber Protection

Stealth shield

+ Up-to-date, managed IT security appliance
+ Security without side effects and without impacting machines, systems, or production processes
+ Designed for industrial systems and environments as well as for devices inside critical infrastructure
